June 27, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
CVE-2025-4093 – Mozilla Firefox Vulnerability
May 3, 2025Mirai Botnet aka Katana – Active IOCs
May 3, 2025CVE-2025-4093 – Mozilla Firefox Vulnerability
May 3, 2025Mirai Botnet aka Katana – Active IOCs
May 3, 2025
Severity
Medium
Analysis Summary
CVE-2025-1333 CVSS:6
IBM MQ Container, when used with the IBM MQ Operator LTS, MQ Operator CD, and MQ Operator and configured with Cloud Pak for Integration Keycloak, could allow a remote attacker to obtain sensitive information.
CVE-2025-27365 CVSS:6.5
IBM MQ Operator is vulnerable to a denial of service, caused by a use-after-free error. By connecting the client to a MQ Queue Manager, an attacker could cause a SIGSEGV in the AMQRMPPA channel process terminating it.
Impact
- Information Disclosure
- Denial of Service
Indicators of Compromise
CVE
CVE-2025-1333
CVE-2025-27365
Affected Vendors
- IBM
Affected Products
- IBM MQ Operator - 2.0.0 LTS - 3.0.0 - 3.0.1 - 3.1.0 - 3.1.3 - 3.4.0 - 3.5.0 - 3.5.1 CD - 3.2.0 SC2
Remediation
Refer to IBM Security Advisory for patch, upgrade, or suggested workaround information.